[Guig0]

Hi dudes,


I have a win2k adv. server that keeps rebooting by itself, due to an unexpected termination of the LSASS.exe.

I have seen tons of information about possible causes (viruses), and the respective fix methods, but none of the worked.


McAfee, Spybot, AdAware, CWS Shredder and TDS3 have failed in restoring my PC back to normal.
All of them got some bad files in the process, but the ystem keeps rebooting anyway.



is there anyone that knows a way to restore my server, and therefore my job, back to normal?


Thanks in advance!

Edited by Guig0, 07 June 2005 - 03:21 PM.

[Advertisements]

is it doing this when booting, or after it's been running for a while?

Can you get into windows at all?

[gerryf]

is it doing this when booting, or after it's been running for a while?

Can you get into windows at all?

[Guig0]

hi, thanks for your time dude.


yes, i can get in to windows normally.
the thing is that after a time, a system window pops up saying that the computer will be rebooted in xx seconds due to an unexpected termination of the LSASS.exe.


note that i cant place here the exact phrase coz my windows is in portuguese language, and i guess no one here would understand... so i did my best trasnlation.

[Guig0]

update: my impression is that after many atempts using various AV softwares (listed in 1th post) i got rid of the viruses, but that LSASS.exe remains damaged.

is it possible?

and if it is, how can i restore it?

[gerryf]

that's not how it works...the virus causes the error, so you must still be infected, or that's not it.

What AV programs did you run?

Do you have all service packs loaded? And patches after that?

[Guig0]

used McAfee, Spybot, AdAware, CWS Shredder and TDS3

i do not have all SPs and Patches installed..



the only file that i did recognized as harmfull is frexxx.exe... do you know that file?

[gerryf]

install them...

and no, that is not a windows file....

[gerryf]

Please go to the malware forum in my signature and follow the instructions at the top....Especially the CLICK HERE .

That will give you several steps that will help you clean up 70 percent of all problems by yourself. If at the end of the process you are still having difficulty--and you may not be-- then post a hijackthis log in THAT forum.

If you are still having problems after getting a clean bill of health from the malware expert, please return to this thread.

[Guig0]

aye aye sir!